On Sep 19, 2013, at 9:43 AM, Paul Moore <p.f.moore@gmail.com> wrote:
On 19 September 2013 14:27, Donald Stufft <donald@stufft.io> wrote:
Major changes:
* Removal of the option to fetch pip from PyPI in order not to modify the trust model of the Python installers * Consequently rename the model from ``getpip`` to ``extractpip``
If extractpip (I agree, I don't like the name, installpip is better) only ever unpacks the bundled pip, and it's always run, why bother? Why not just bundle pip directly into site-packages? The extra step seems to add little or no value.
Paul
Well it's not always run (the PEP has it as an option in the installers that is checked by default) but even if it were always installed: - Nick has stated something about making it clear in the OSs installer DB which files are owned by Python and which are owned by pip - Upgrading becomes harder, instead of simply using pip's own mechanism the installer needs to take care not to clobber a user installed pip that is even newer than the bundled version. - "Fixing" a broken environment. If someone accidentally uninstalls pip this provides a simple way to reinstall it that doesn't require the old standby of getpip.py ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA